stacker.news/middleware.js

60 lines
1.8 KiB
JavaScript

import { NextResponse } from 'next/server'
const referrerMiddleware = (request) => {
const regex = /(\/.*)?\/r\/([\w_]+)/
const m = regex.exec(request.nextUrl.pathname)
const url = new URL(m[1] || '/', request.url)
url.search = request.nextUrl.search
url.hash = request.nextUrl.hash
const resp = NextResponse.redirect(url)
resp.cookies.set('sn_referrer', m[2])
return resp
}
const multiAuthMiddleware = (request) => {
// switch next-auth session cookie with multi_auth cookie if cookie pointer present
// is there a cookie pointer?
const cookiePointerName = 'multi_auth.user-id'
const hasCookiePointer = request.cookies?.has(cookiePointerName)
// is there a session?
const sessionCookieName = '__Secure-next-auth.session-token'
const hasSession = request.cookies?.has(sessionCookieName)
if (!hasCookiePointer || !hasSession) {
// no session or no cookie pointer. do nothing.
return NextResponse.next({ request })
}
const userId = request.cookies?.get(cookiePointerName)?.value
if (userId === 'anonymous') {
// user switched to anon. only delete session cookie.
request.cookies.delete(sessionCookieName)
return NextResponse.next({ request })
}
const userJWT = request.cookies.get(`multi_auth.${userId}`)?.value
if (!userJWT) {
// no multi auth JWT found
return NextResponse.next({ request })
}
if (userJWT) {
// multi auth JWT found in cookie that pointed to by cookie pointer that is different to current session cookie.
request.cookies.set(sessionCookieName, userJWT)
return NextResponse.next({ request })
}
return NextResponse.next({ request })
}
export function middleware (request) {
const referrerRegexp = /(\/.*)?\/r\/([\w_]+)/
if (referrerRegexp.test(request.nextUrl.pathname)) {
return referrerMiddleware(request)
}
return multiAuthMiddleware(request)
}